<?php
class Login_m extends CI_Model{
	function __construct(){//重载父类的数据库连接方法
		parent::__construct();
		$this->load->database();
	}
	//哈希值密码
	public function hash_password($password, $salt=false){
		if(empty($password)){
			return false;
		}
		if($this->store_salt && $salt){
			return shal($password . $salt);
		}else{
			$salt = $this->salt();
			return $salt . substr(sha1($salt . $password), 0, -10);
		}
	}

	/*哈希值验证密码*/
	public function hash_password_db($username, $password){
		if(empty($username) || empty($password)){
			return false;
		}
		
		$query = $this->db->select('user_pass,salt')
			->where('user_name', $username)
			->or_where('user_aliases', $username)
			->limit(1)
			->get('users');
		$result = $query->row();
		
		if($query->num_rows() !== 1){
			return false;
		}
		
		$salt = substr($result->user_pass, 0, 10);
		return $salt . substr(sha1($salt . $password), 0, -10);

	}
	
	//generates a random salt value
	public function salt(){
		return substr(md5(uniqid(rand(), true)), 0, 10);
	}

	//用户登录验证
	public function login($username, $password, $remember){
		if(empty($username) || empty($password) || !$this->username_check($username)){
			return false;
		}

		$query = $this->db->select('user_name, user_id, user_actual, user_pass, role_id, dept_id')
					->where('active', 1)
					->where('user_name', $username)
					->or_where('user_aliases', $username)
					->limit(1)
					->get('users');
		$result = $query->row();
		if($query->num_rows() == 1){
			$password = $this->hash_password_db($username, $password);
			if($result->user_pass === $password){
				//$this->db->where('id',$result->user_id)->where('check_read',1)->delete('sms_check');
				$this->update_last_login($result->user_id);
				$role_row = $this->db->select('role_id, role_name')->where('role_id', $result->role_id)->get('role')->row();
				$dept_row = $this->db->select('dept_id, dept_name')->where('dept_id', $result->dept_id)->get('dept')->row();
				
				$session_data = array(
					'user_name' 	=> $result->user_name,
					'user_id'		=> $result->user_id,
					'user_actual'	=> $result->user_actual,
					'role_id'		=> $role_row->role_id,
					'role_name'		=> $role_row->role_name,
					'dept_id'		=> $dept_row->dept_id,
					'dept_name'		=> $dept_row->dept_name
				);
				$this->session->set_userdata($session_data);
				
				if ($remember){
					$this->remember_user($result->user_id);
				}
				
				return true;
			}
		}
		return false;
	}
	
	//检查是否有该用户
	public function username_check($username = ''){
		if(empty($username)){
			return false;
		}
		return $this->db->where('user_name', $username)->or_where('user_aliases', $username)->count_all_results('users') > 0;
	}
	
	public function get_user($id = false){
	    $this->db->where('users.user_id', $id);
	    $this->db->limit(1);

	    return $this->db->get('users')->row();
	}
	
	//用户最后登录时间
	public function update_last_login($id){
	    $this->load->helper('date');
	    $this->db->update('users', array('last_login' => now()), array('user_id' => $id));
	    return $this->db->affected_rows() == 1;
	}
	
	//判断COOKIE并自动登录
	public function login_remembered_user(){
	    //check for valid data
	    if (!get_cookie('user_name') || !get_cookie('remember_code') || !$this->username_check(get_cookie('user_name'))){
		    return FALSE;
	    }

	    $query = $this->db->select('user_name, user_id, user_actual, role_id, dept_id')
			      ->where('user_name', get_cookie('user_name'))
			      ->where('remember_code', get_cookie('remember_code'))
			      ->limit(1)
			      ->get('users');

	    //if the user was found, sign them in
	    if ($query->num_rows() == 1){
			$user = $query->row();

			$this->update_last_login($user->user_id);

			$role_row = $this->db->select('role_id, role_name')->where('role_id', $user->role_id)->get('role')->row();
			$dept_row = $this->db->select('dept_id, dept_name')->where('dept_id', $user->dept_id)->get('dept')->row();

			$session_data = array(
				    'user_name' 	=> $user->user_name,
					'user_id'		=> $user->user_id,
					'user_actual'	=> $user->user_actual,
					'role_id'		=> $role_row->role_id,
					'role_name'		=> $role_row->role_name,
					'dept_id'		=> $dept_row->dept_id,
					'dept_name'		=> $dept_row->dept_name
					);

			$this->session->set_userdata($session_data);
			return true;
	    }
	    return false;
	}
	
	private function remember_user($id){
		if (!$id){
			return FALSE;
		}

		$user = $this->get_user($id);

		$salt = sha1($user->user_pass);

		$this->db->update('users', array('remember_code' => $salt), array('user_id' => $id));

		if ($this->db->affected_rows() > -1){
			set_cookie(array(
					'name'   => 'user_name',
					'value'  => $user->user_name,
					'expire' => '604800',
					));

			set_cookie(array(
					'name'   => 'remember_code',
					'value'  => $salt,
					'expire' => '604800',
					));

			return TRUE;
		}

		return FALSE;
	}
}
?>